
Thread: php

  1. #1
    New to the CF scene
    Join Date
    Jul 2012
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts

    php

    Hi, I am new to PHP.
    I am stuck on the username and password validation in my login code.
    In this code, if we don't enter the username and password, it still allows the login to succeed.
    The code is:


    <?php

    include('config.inc');

    mysql_connect($hostname, $_username, $_password) or DIE(mysql_error());
    mysql_select_db($_dbname) or DIE(mysql_error());

    $u=trim($_POST['username']);

    $p=trim($_POST[password]);

    echo"<br>--$u--$p--";


    if($u="" && $p="")

    {

    echo("not allowed");
    }

    else
    {

    if($u!="" && $p!="");

    {
    echo"<br><b>---$u</b>";

    $query="select * from user_table where username='$u'";

    $res=mysql_query($query) or DIE(mysql_error());

    $final=mysql_fetch_array($res);

    $pass=$final['password'];

    if($_POST['password']!=$pass)

    {

    echo"<p><font color=\"red\">Incorrect username or password</font></p>";

    }

    else

    {

    $uname=$final['username'];

    $type=$final['usertype'];

    $_POST['op']="allowed";

    echo"yo";

    echo" Success $uname $type $_POST[op]";

    //sesson_start();

    $_SESSION['username']=$_POST['username'];

    $_SESSION['permitted']="true";

    $_SESSION['type']=$type;

    //header("Location:new.php");

    }

    }
    }

    ?>

  • #2
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,994
    Thanks
    4
    Thanked 2,662 Times in 2,631 Posts
    This is a horrendously tricky one.
    Since you don't have proper error checking here, this is actually a disaster to follow.
    PHP Code:
    if($u="" && $p="")
    That is an assignment. Although the assignment itself is successful, the result of empty is loosely compared to false. Given the properties of an && comparison, what this does:
    PHP Code:
    $u = 'cat';
    $p = 'dog';
    if ($u = "" && $p = "")
    {
        print 'not empty'; // although this isn't correct.
    }
    else
    {
        printf('$u = %s, $p = %s' . PHP_EOL, $u, $p);
    }

    Will actually result in $u = , $p = dog. Since the first condition of the && evaluates to false, the second condition doesn't apply.

    Therefore you end up in the else. And evaluate this clause:
    PHP Code:
    if($u!="" && $p!=""); 
    Semi-colon at the end of a branch condition is always true (except a loop where it's the last, but it's still true once). So that effectively says if (false && true); which is true (without the semi-colon it is false).

    Therefore you now process this:
    PHP Code:
    echo"<br><b>---$u</b>";

    $query="select * from user_table where username='$u'";

    $res=mysql_query($query) or DIE(mysql_error());

    $final=mysql_fetch_array($res);

    $pass=$final['password']; 
    $u is empty. It's highly improbable that you have a returned result. Therefore $final is an empty array. $final['password'] is null.

    Now the last important one:
    PHP Code:
    if($_POST['password']!=$pass)
    If nothing is entered, then the login is successful. If username and password are entered, it's a failure since the $_POST['password'] will not equal nothing.

    So what you need to do is:
    PHP Code:
    session_start();
    // sql stuffs.

    if (isset($_POST['username'], $_POST['password']))
    {
        $u = trim($_POST['username']);
        $p = trim($_POST['password']);
        if (empty($u) || empty($p))
        {
            print 'Username and password cannot be empty';
        }
        else
        {
            $query = "select * from user_table where username='" . mysql_real_escape_string($u) . "'";
            if ($qry = @mysql_query($query))
            {
                if (mysql_num_rows($qry) == 1)
                {
                    $record = mysql_fetch_assoc($qry);
                    $password = $record['password'];
                    // of course, I assume you'll actually be hashing this in some way.
                    if ($password == $p)
                    {
                        $_SESSION['username'] = $record['username'];
                        $_SESSION['permitted'] = true;
                        $_SESSION['type'] = $record['usertype'];
                        header("Location:new.php"); // this should be a fully qualified domain and path
                    }
                    else
                    {
                        print 'Password is incorrect';
                    }
                }
                else
                {
                    print 'Username is incorrect';
                }
            }
            else
            {
                die(mysql_error());
            }
        }
    }

    Untested, works fine in my head.

    In the future, please choose a more suitable title as well as wrapping your code in [php][/php] tags to preserve the formatting.
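
Added example, not part of either post: the same login check written with a bound parameter and `password_hash()`/`password_verify()`, so that a missing row or empty input can never compare equal to a stored password. The helper name `check_login`, the in-memory SQLite fixture (needs the pdo_sqlite extension) and the sample users are assumptions made for illustration; the table and column names are the ones used in the thread.

```php
<?php
declare(strict_types=1);

// Constructed fixture: in-memory SQLite stands in for the MySQL database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE user_table (username TEXT PRIMARY KEY, password TEXT, usertype TEXT)');
$ins = $db->prepare('INSERT INTO user_table VALUES (?, ?, ?)');
// Constructed users; the password column holds password_hash() output, not plaintext.
$ins->execute(['alice', password_hash('correct horse', PASSWORD_DEFAULT), 'admin']);
$ins->execute(["o'neil", password_hash('s3cret', PASSWORD_DEFAULT), 'user']);

// Hypothetical helper: returns the user row (without the hash) or null on any failure.
function check_login(PDO $db, string $username, string $password): ?array
{
    $username = trim($username);
    // Strict comparison, so this is a test and not an assignment or a loose match.
    if ($username === '' || $password === '') {
        return null;
    }
    // Bound parameter instead of building the query by string concatenation.
    $stmt = $db->prepare('SELECT username, password, usertype FROM user_table WHERE username = ?');
    $stmt->execute([$username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    // A missing row is a failure in its own right; never compare input against null.
    // Verifying against a dummy hash keeps the work similar for unknown usernames.
    static $dummy = null;
    $dummy ??= password_hash('dummy', PASSWORD_DEFAULT);
    $ok = password_verify($password, $row !== false ? $row['password'] : $dummy);
    if ($row === false || !$ok) {
        return null;
    }
    unset($row['password']);
    return $row;
}

// The cases walked through in the thread, plus the normal ones.
var_dump(check_login($db, '', ''));               // empty form
var_dump(check_login($db, 'nobody', ''));         // unknown user, empty password
var_dump(check_login($db, 'alice', 'wrong'));     // known user, bad password
var_dump(check_login($db, "o'neil", 's3cret'));   // apostrophe in the username is plain data
var_dump(check_login($db, 'alice', 'correct horse'));
```

On a non-null result the caller would call `session_regenerate_id(true)` before filling `$_SESSION` as in the answer above.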

